[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: dns-proxy-tor / freecap

Steven Colbert <scolbert56@xxxxxxxxx> wrote:

> On Win32, I am running tor/vidalia/privoxy.  
> Question 1: are my dns requests being leaked (or
> better yet, how I can tell for myself - ethereal?)? 

Visit http://config.privoxy.org/show-status
and make sure that Privoxy is using socks4a
to talk to Tor. If it is, Privoxy itself
doesn't leak DNS requests and if the browser
behaves, it doesn't either.

Of course every program that doesn't use
Privoxy or Tor directly with a DNS-safe connection
still leaks DNS requests.

>  - If so, is dns-proxy-tor a solution to this?

It can help, if you configure it as first and only
DNS server, but it can't itself stop broken applications
from using hard coded defaults. 

>  - If not, what beenfit would dns-proxy-tor give me?

If you can trust your applications to honour your
DNS server settings, you can use dns-proxy-tor to
stop DNS leakage. 

If you use it together with a decent packet filter,
you can make sure that there is no unencrypted
DNS traffic and connections from broken applications are
redirected into dns-proxy-tor or just fail.

> Question 2: Is freecap a solution to dns leakage? Or
> is this targeted for another situation?

I never used it and I think it's a pain to set it up,
but it could be an alternative solution.
> Sorry for being so naive, but I haven't found that
> much documentation on dns-proxy-tor...

Did you already read "perldoc dns-proxy-tor"?

Even if you don't use perldoc, you could download the
non-windows version, open it in any text editor and
scroll to the bottom to read the documentation.


Attachment: signature.asc
Description: PGP signature